Bump fast-json-patch from 2.0.7 to 3.1.1#14
Closed
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4)
Bumps [fast-json-patch](https://github.com/Starcounter-Jack/JSON-Patch) from 2.0.7 to 3.1.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Starcounter-Jack/JSON-Patch/releases">fast-json-patch's releases</a>.</em></p> <blockquote> <h2>3.1.1</h2> <p>Security Fix for Prototype Pollution - huntr.dev <a href="https://github-redirect.dependabot.com/Starcounter-Jack/JSON-Patch/issues/262">#262</a></p> <h2>Bug fixes and ES6 modules</h2> <p>Use ES6 Modules</p> <ul> <li>package now exports non-bundled ES module <a href="https://github-redirect.dependabot.com/Starcounter-Jack/JSON-Patch/pull/232">Starcounter-Jack/JSON-Patch#232</a></li> <li><code>main</code> still points to CommonJS module for backward compatibility</li> <li>README recommends use of <strong>named</strong> ES imports</li> </ul> <p>List of changes <a href="https://github.com/Starcounter-Jack/JSON-Patch/compare/v2.2.1...3.0.0-0">https://github.com/Starcounter-Jack/JSON-Patch/compare/v2.2.1...3.0.0-0</a></p> <h2>Use ES6 Modules</h2> <ul> <li>package now exports non-bundled ES module <a href="https://github-redirect.dependabot.com/Starcounter-Jack/JSON-Patch/pull/232">Starcounter-Jack/JSON-Patch#232</a></li> <li><code>main</code> still points to CommonJS module for backward compatibility</li> <li>README recommends use of <strong>named</strong> ES imports</li> </ul> <p>Full list of changes <a href="https://github.com/Starcounter-Jack/JSON-Patch/compare/v2.2.1...3.0.0-0">https://github.com/Starcounter-Jack/JSON-Patch/compare/v2.2.1...3.0.0-0</a></p> <h2>Fix default import</h2> <p>This patch release fixes a regression introduced in 2.2.0, namely: the default import using ES6 with Webpack/Babel stopped working (<a href="https://github-redirect.dependabot.com/Starcounter-Jack/JSON-Patch/issues/233">Starcounter-Jack/JSON-Patch#233</a>).</p> <p>This version fixes the problem by adding an explicit default import.</p> <h2>Generate invertible test operations</h2> <p>New feature:</p> <ul> <li>Ability to generate test operations for original values in the first object, also known as "invertible" operations. Search fro the word <code>invertible</code> in <code>README.md</code> for details about usage (PR <a href="https://github-redirect.dependabot.com/Starcounter-Jack/JSON-Patch/issues/228">#228</a>, PR <a href="https://github-redirect.dependabot.com/Starcounter-Jack/JSON-Patch/issues/226">#226</a>).</li> </ul> <p>Code quality:</p> <ul> <li>Replace <code>deep-equal</code> with <code>fast-deep-equal</code> (PR <a href="https://github-redirect.dependabot.com/Starcounter-Jack/JSON-Patch/issues/227">#227</a>)</li> <li>Remove traces for support for legacy browsers which were broken since <a href="https://github.com/Starcounter-Jack/JSON-Patch/releases/tag/v2.0.7">v2.0.7</a> (PR <a href="https://github-redirect.dependabot.com/Starcounter-Jack/JSON-Patch/issues/229">#229</a>)</li> <li>Fix testing framework</li> </ul> <h2>Enhancements and bug fixes</h2> <ul> <li> <p><code>applyOperation</code> and <code>applyReducer</code> now accept an optional index parameter. This param is used to create more elaborate error messages when invalid operations occur in your patches, <a href="https://github-redirect.dependabot.com/Starcounter-Jack/JSON-Patch/pull/221">Starcounter-Jack/JSON-Patch#221</a>.</p> </li> <li> <p>Error messages are now nicely-formatted, they look like:</p> </li> </ul> <pre><code> The specified index MUST NOT be greater than the number of elements in the array name: OPERATION_VALUE_OUT_OF_BOUNDS index: 1 operation: { "op": "add", "path": "/root/1", "value": "val" } tree: { </tr></table> </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Starcounter-Jack/JSON-Patch/commit/9d313ac01916e525e9204074f06e5295edec491b"><code>9d313ac</code></a> fix(tests): Updated tests to reflect new error message</li> <li><a href="https://github.com/Starcounter-Jack/JSON-Patch/commit/e4f4eb3e680fdedf0c51374ec8b9f0467f53a327"><code>e4f4eb3</code></a> 3.1.1</li> <li><a href="https://github.com/Starcounter-Jack/JSON-Patch/commit/d7903fba45c7090845c87e740aa63951e97e51c8"><code>d7903fb</code></a> fix: typescript codegen changes</li> <li><a href="https://github.com/Starcounter-Jack/JSON-Patch/commit/5f04488153d0d6b5b422bdf11e6b8a9031d80029"><code>5f04488</code></a> Bumping version number</li> <li><a href="https://github.com/Starcounter-Jack/JSON-Patch/commit/7e9fe1332d2f4bf9d8b03e0dc4a76d5b1d755e77"><code>7e9fe13</code></a> Typescript provided</li> <li><a href="https://github.com/Starcounter-Jack/JSON-Patch/commit/097864a652c2fe2fd5c8fc308a3521395a3f6930"><code>097864a</code></a> Documentation updated</li> <li><a href="https://github.com/Starcounter-Jack/JSON-Patch/commit/51964ed42eac9e3c302a53695e4928d87f092ff1"><code>51964ed</code></a> feat: Cleaned up vars vs consts</li> <li><a href="https://github.com/Starcounter-Jack/JSON-Patch/commit/8a6a3602e902e1926d4df910994ddee70f253087"><code>8a6a360</code></a> New build</li> <li><a href="https://github.com/Starcounter-Jack/JSON-Patch/commit/adeb42216833f318f1c99e93e5dd0333a427978d"><code>adeb422</code></a> Update .gitignore</li> <li><a href="https://github.com/Starcounter-Jack/JSON-Patch/commit/59336fec780b450406873fe663e94c6d73d26f97"><code>59336fe</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/Starcounter-Jack/JSON-Patch/issues/292">#292</a> from Starcounter-Jack/dependabot/npm_and_yarn/ajv-6.12.6</li> <li>Additional commits viewable in <a href="https://github.com/Starcounter-Jack/JSON-Patch/compare/v2.0.7...3.1.1">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~mountain-jack">mountain-jack</a>, a new releaser for fast-json-patch since your current version.</p> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/prappo/ludo-game/network/alerts). </details>
AI Analysis
This issue appears to be discussing a feature request or bug report related to the repository. Based on the content, it seems to be resolved. The issue was opened by dependabot[bot] and has received 1 comments.
Add a comment
Comment form would go here